Compromise bill in US Senate would address cyber threats

July 19, 2012|Reuters

* Proposal best chance this year to get bill through-senator

* Obama supports measure, says cyber threats seriouschallenge

WASHINGTON, July 19 (Reuters) - Compromise legislationintroduced in the U.S. Senate on Thursday would bolster cyberthreat assessment and permit the government to share informationwith American business under certain conditions, a step aimed atbetter protecting them from attacks.

The bill, which is supported by President Barack Obama, is abipartisan effort to unify approaches and address privacyconcerns about information-sharing between the government andbusiness interests linked to infrastructure networks.

"The cyber threat to our nation is one of the most seriouseconomic and national security challenges we face," Obama saidin an opinion piece in the Wall Street Journal to be publishedon Friday, noting that no one has managed to damage or disruptinfrastructure networks so far.

"It would be the height of irresponsibility to leave adigital backdoor wide open to our cyber adversaries," he said.

Susan Collins, the top Republican on the Senate HomelandSecurity Committee and a co-sponsor of the bill, said expertshave "repeatedly warned" the computer networks that run theelectric grid, water systems, financial networks, andtransportation systems are vulnerable to cyber attack.

"The data and the headlines make it clear that we havealready waited too long to address this escalating threat. In aneffort to move this overdue legislation forward, the measurereleased today represents the Senate's best chance to pass cyberlegislation this year," Collins said.

A Homeland Security Department report earlier this month said it received 198 reports of suspected cyber incidents, orsecurity threats, in 2011, more than four times the 2010 level.

The report cited cases in which firms were infected withmalicious software designed for espionage and fraud. More than40 percent of the incidents were from the water sector.

Moreover, Obama said a water plant in Texas last yeardisconnected its controls from the Internet when a hacker postedpictures of the facility's internal controls. More recently,Obama said, hackers penetrated networks of companies operatingnatural gas pipelines.

Congress has been wrangling over the legislation. Privacyadvocates have criticized past proposals, including aHouse-passed bill in April, as overly intrusive.

The Senate plan seeks to address that concern.

It would create a public-private partnership to set cybersecurity standards for critical infrastructure and offer someimmunity from liability to those who meet them.

It would permit information-sharing between the privatesector and the federal government on threats, incidents, andfixes, while intending to preserve civil liberties and theprivacy of users.

Industry groups would be permitted to develop and recommendto a multi-agency Cybersecurity Council voluntary approaches tomitigate risks.